package com.example.framework.config.shiro;

import com.example.project.entity.UserInfoBean;
import com.example.project.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;

/**
 * 认证和授权
 */
public class UserRealm extends AuthorizingRealm {
    @Autowired
    private UserService userService;
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        Subject subject = SecurityUtils.getSubject();
        UserInfoBean currentUser = (UserInfoBean)subject.getPrincipal();//拿到user对象
        info.addStringPermission(currentUser.getPermission());//获取到该user对象的权限并赋给它
        return info;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //获取前端给予的Token对象里面封装了用户名和密码
        UsernamePasswordToken userToken=(UsernamePasswordToken)authenticationToken;
        //将token里的用户名用来查询数据库里是否存在该用户
        UserInfoBean user = userService.selectUserByUsername(userToken.getUsername());
        if (user==null){//如果用户不存在
            return null;//抛出异常UnknownAccountException
        }
        //返回密码
        return new SimpleAuthenticationInfo(user,user.getPassword(),"");
    }
}
